CN113708940B - Container lock data processing method, related equipment and storage medium - Google Patents

Info

Publication number: CN113708940B
Authority: CN (China)
Prior art keywords: container lock, data, event, sensor data, uplink
Legal status: Active
Application number: CN202111267301.7A
Other languages: Chinese (zh)
Other versions: CN113708940A (en)
Inventor: 高智敏
Current Assignee: Shenzhen Benavi Technology Co ltd
Original Assignee: Shenzhen Benavi Technology Co ltd

Classifications

    • H04L9/3255 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
    • G07C9/00309 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • G07C2009/00412 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal being encrypted
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees


Abstract

The application discloses a container lock data processing method, related equipment and a storage medium. The method comprises: obtaining sensor data of a container lock and a data uplink event corresponding to the sensor data, wherein the data uplink event is an event created by the container lock when a target user of a terminal device passes identity verification by the container lock; uploading the data uplink event and the sensor data to a blockchain network; and, after the data uplink event and the sensor data have been uploaded, sending feedback information to the container lock to notify the container lock to clear the sensor data.

Description

Container lock data processing method, related equipment and storage medium
Technical Field
The invention relates to the technical field of blockchain, and in particular to a container lock data processing method, related equipment and a storage medium.
Background
At present, in the marine transportation industry, traditional container locks (lead seals) are the mainstream means of ensuring container integrity. Each lead seal carries a seal number, which a supervisor records and files when the container is sealed. A lead seal is designed to be locked but not unlocked, and can be removed only by destroying it with external force. If the lead seal is missing or damaged at any stage other than the final recipient's sign-off, the container may be considered to have lost its integrity, and the recipient may be entitled to reject it.
The lead seal has a simple structure and is easy to copy and manufacture. The seal number is usually recorded on a paper form and must be checked manually during accident investigation, which slows the resolution of complaints. Containers using lead seals are therefore inconvenient to manage, and accident investigation and determination of responsibility are difficult. Some electronic locks can store data generated in use to provide relevant evidence, but the locks can still be broken and their information security is not high.
Disclosure of Invention
The application provides a container lock data processing method and device, a container lock and a medium.
In a first aspect, a container lock data processing method is provided, which is applied to a terminal device and includes:
acquiring sensor data of a container lock and a data uplink event corresponding to the sensor data, wherein the data uplink event is an event created by the container lock when a target user of the terminal device passes identity verification by the container lock;
uploading the data uplink event and the sensor data to a blockchain network;
and, after the data uplink event and the sensor data have been uploaded, sending feedback information to the container lock to notify the container lock to clear the sensor data.
In a second aspect, a container lock data processing method is provided, which is applied to a container lock and includes:
when a target user of a terminal device passes identity authentication, creating a data uplink event corresponding to sensor data of the container lock, so that the data uplink event and the sensor data are uploaded to a blockchain network through the terminal device;
and clearing the sensor data after the data uplink event and the sensor data have been uploaded.
In a third aspect, a terminal device is provided, which includes:
an acquisition module, used for acquiring sensor data of a container lock and a data uplink event corresponding to the sensor data, wherein the data uplink event is an event created by the container lock when a target user of the terminal device passes identity verification by the container lock;
an upload module, used for uploading the data uplink event and the sensor data to a blockchain network;
and a transmission module, used for sending feedback information to the container lock after the data uplink event and the sensor data have been uploaded, so as to notify the container lock to clear the sensor data.
In a fourth aspect, there is provided another terminal device, comprising a memory and a processor, the memory storing a computer program which, when executed by the processor, causes the processor to perform the steps of the first aspect and any one of its possible implementations.
In a fifth aspect, there is provided a container lock comprising:
a data uplink module, used for creating a data uplink event corresponding to the sensor data of the container lock when a target user of the terminal device passes identity verification, so that the data uplink event and the sensor data are uploaded to a blockchain network through the terminal device;
and a clearing module, used for clearing the sensor data after the data uplink event and the sensor data have been uploaded.
A sixth aspect provides a computer storage medium having stored thereon one or more instructions adapted to be loaded by a processor and to perform the steps of the first aspect and any of its possible implementations as described above, or the second aspect and any of its possible implementations as described above.
The container lock data processing method provided by the embodiments of the application is applied to a terminal device and comprises: acquiring sensor data of a container lock and a data uplink event corresponding to the sensor data, wherein the data uplink event is an event created by the container lock when a target user of the terminal device passes identity verification by the container lock; uploading the data uplink event and the sensor data to a blockchain network; and, after the data uplink event and the sensor data have been uploaded, sending feedback information to the container lock to notify the container lock to clear the sensor data. By exploiting the properties of the blockchain, the sensor data of the container lock can be uploaded to the blockchain network through the terminal device of an authenticated maritime practitioner and is not lost if the container lock is damaged. Information security is higher, management and verification are easier, strong leads can be provided for accident investigation or complaint resolution, the timeliness of the process is improved, and the memory of the container lock is also saved to some extent.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments or the background art of the present application, the drawings required to be used in the embodiments or the background art of the present application will be described below.
Fig. 1 is a schematic structural diagram of a container lock according to an embodiment of the present disclosure;
Fig. 2 is a schematic flowchart of a container lock data processing method according to an embodiment of the present disclosure;
Fig. 3 is a schematic flowchart of another container lock data processing method according to an embodiment of the present disclosure;
Fig. 4 is a schematic structural diagram of a terminal device according to an embodiment of the present application;
Fig. 5 is a schematic structural diagram of a terminal device according to an embodiment of the present application.
Detailed Description
In order to make the technical solutions of the present application better understood, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terms "first," "second," and the like in the description and claims of the present application and in the above-described drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
The embodiments of the present application will be described below with reference to the drawings.
To illustrate the method in the embodiments of the present application more clearly, a general design of a container lock is first introduced.
The container lock in the embodiments of the application is a lock mounted on a container. Combined with software control, it can perform identity verification, unlocking, locking, related data processing and other operations. The container lock can implement data processing based on the blockchain.
The software part in the application may comprise three modules: identity authentication, communication and trusted event storage. The software can be burned into a system on chip (SoC). The software part includes an open-source real-time embedded operating system (Mbed OS), and the SoC is an ARM Cortex-M architecture chip with Trusted Execution Environment (TEE) technology. The trusted execution environment is an isolated area managed directly by the processor; code running in it is completely isolated from the rest of the system to ensure privacy, for example the security of a private key.
The storage module in the embodiments of the application (for example, a Micro SD card) reserves a trusted event storage space for recording all event records of the lock (for example, lock/unlock events, sensor data events and the like).
Referring to fig. 1, fig. 1 is a schematic structural diagram of a container lock according to an embodiment of the present application. As shown in fig. 1, the container lock includes a conducting wire 1, a chip 2, a detection module 3, a communication module 4 and a power supply module 5.
The chip 2 may be the SoC described above, or another chip type may be selected as required, which is not limited herein.
The physical state of the lock in the embodiment of the present application at least includes two types, i.e., open or closed, and the detection module 3 in the container lock can detect the physical state (open or closed) of the lock, mainly based on the following: if the lock is in an open state, the conducting wire 1 is electrified, otherwise, the conducting wire is not electrified.
In conjunction with the software portion, the lock may have three virtual states:
if the conducting wire 1 is in a power-on state (the detection module 3 detects a high level), the lock is closed.
If the conductor 1 is powered down (the detection module 3 detects a low level), the last event is read from the trusted event store.
If the last event is unlocking, the lock is in a normal open state.
If the last event was a close, the lock is in an abnormal open state, at which point the lock may have been forced open or broken. This aspect may also refer to the relevant steps described in the embodiment shown in fig. 2.
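The state rules above can be run as a tamper check over wire-level samples and the trusted event store. This is an added example, not code from the patent; the operation IDs (INIT, LOCK, UNLOCK, SENSOR), the UNKNOWN state for a store with no lock event, and skipping sensor events when looking for the last lock event are assumptions.

```python
from dataclasses import dataclass
from enum import Enum
from typing import List, Optional, Sequence, Tuple


class LockState(Enum):
    CLOSED = "closed"
    NORMAL_OPEN = "normal open"
    ABNORMAL_OPEN = "abnormal open"  # possibly forced open or broken
    UNKNOWN = "unknown"  # assumption: wire low but no lock/unlock event recorded


@dataclass(frozen=True)
class Event:
    op_id: str      # hypothetical operation IDs: INIT, LOCK, UNLOCK, SENSOR
    timestamp: int  # Unix timestamp, as in the event tables


def last_lock_event(store: Sequence[Event], at: int) -> Optional[Event]:
    """Most recent LOCK/UNLOCK event at or before `at`; other kinds are skipped."""
    hits = [e for e in store if e.op_id in ("LOCK", "UNLOCK") and e.timestamp <= at]
    return max(hits, key=lambda e: e.timestamp) if hits else None


def derive_state(wire_high: bool, store: Sequence[Event], at: int) -> LockState:
    if wire_high:  # wire energized: the detection module reads a high level
        return LockState.CLOSED
    last = last_lock_event(store, at)
    if last is None:
        return LockState.UNKNOWN
    if last.op_id == "UNLOCK":
        return LockState.NORMAL_OPEN
    return LockState.ABNORMAL_OPEN  # wire low although the last event was a close


def tamper_alerts(samples: Sequence[Tuple[int, bool]], store: Sequence[Event]) -> List[int]:
    """Timestamps at which the lock enters the abnormal open state."""
    alerts, previous = [], None
    for ts, wire_high in sorted(samples):
        state = derive_state(wire_high, store, ts)
        if state is LockState.ABNORMAL_OPEN and previous is not LockState.ABNORMAL_OPEN:
            alerts.append(ts)
        previous = state
    return alerts


# Constructed sample data: event store contents and (timestamp, wire level) samples
STORE = [
    Event("INIT", 1000),
    Event("LOCK", 1010),
    Event("SENSOR", 1500),
    Event("UNLOCK", 2000),
    Event("LOCK", 2100),
    Event("SENSOR", 2500),
]
SAMPLES = [(1020, True), (1600, True), (2050, False), (2200, True), (2600, False), (2700, False)]
```

The sensor event at 2500 is the newest entry in the store, so a check that read only the literal last record would miss the forced opening at 2600.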
In an alternative embodiment, the detection module 3 is implemented using a D flip-flop. The clock input of the D flip-flop is synchronized with the CPU clock on the SoC. When the lock is closed, the input of the D flip-flop is at the 5 V or 3.3 V voltage required by the chip. To detect the low level accurately, the input pin of the D flip-flop should be connected to a pull-down resistor so that it is pulled to ground when the conducting wire 1 is powered down.
In an alternative embodiment, the communication module 4 may be a Bluetooth communication module, such as Bluetooth Low Energy (BLE) 5.0, which conforms to the Beacon standard and is able to listen to Bluetooth broadcasts. At the software level, the privacy and security of communication are ensured by encrypting the channel. Optionally, a communication module using another communication mode may also be selected in the embodiments of the application.
The communication module 4 has the following two functions:
1. collecting data from sensors (such as container thermometers, hygrometers and the like) and storing the data in the trusted event storage space;
2. transmitting events back to the blockchain through a terminal device (such as a smartphone).
Optionally, the container lock in the embodiments of the application may be provided with a specific power supply module 5 as needed. For example, in one practical embodiment, taking energy consumption into account, the overall system current is 2.8 microamps in the standby state and about 2.88 milliamps at full load; estimating an average of 1 hour of full load per day, the power consumption is 2.94 milliamps per day. The system voltage is 3.3 V. Rechargeable lithium thionyl chloride cells can be used in the examples of this application, with an energy density of about 500 Wh/kg, sufficient to support most marine cycles. Any standard charging circuit can be used for the power supply module 5, which is not limited in the embodiments of the application.
Referring to fig. 2, fig. 2 is a schematic flowchart illustrating a method for processing data of a container lock according to an embodiment of the present disclosure. The method can comprise the following steps:
201. Obtain sensor data of a container lock and a data uplink event corresponding to the sensor data, wherein the data uplink event is an event created by the container lock when a target user of the terminal device passes identity verification by the container lock.
The container lock data processing method in the application can be used for blockchain-based data uplink and data tracing for the container lock. These processes, and the opening and closing of the container lock, involve two ends:
The user (terminal device), as the controller of the container lock, may control the container lock through the terminal device, which may be a mobile terminal. The user may be a maritime worker, and may use an application program (App) on the terminal device to interact with and control the container lock over a communication method such as Bluetooth.
The execution subject of the container lock data processing method in the present application is a container lock, such as the container lock shown in fig. 1. The container lock comprises a controller (chip), which controls and executes the software method so as to implement the container lock data processing method in the embodiments of the application.
First, in the embodiments of the present application, identity verification in the container lock may use a linkable ring signature algorithm. Considering the characteristics of the shipping container lock environment (such as the multiple participating roles in the blockchain), the ring signature mechanism can protect the identity privacy of the participants. Within a maritime alliance consisting of multiple participants (shipping companies, trailer companies and the like) there is both cooperation and competition, and in some scenarios protecting the identity of a user is essential. A traditional ring signature mechanism has no third party (a party outside the signing ring) able to open a signature. The embodiments of the application adopt a scheme with accountability linkability and resistance to defamation: for two ring signatures generated over the same public key list, it can be determined whether they come from the same signer, which facilitates tracing responsibility and prevents the signer from being framed.
The target user is any user who operates the container lock (to open or close it), such as a maritime practitioner.
The target user can acquire the historical physical code of the lock, namely its old physical code (PKlock_old), from the container lock through the terminal device, and can use the old physical code to query whether the related previous marine transaction has been completed. If it has not, the operation cannot continue; if it has, the identity verification process continues. If the lock is a new lock, the old physical code is the one set when the lock left the factory.
The container lock can perform identity authentication on the target user; specifically, the authentication can be carried out by the method of patent CN112307445B (a blockchain-based identity management method and apparatus, hereinafter referred to as the identity management apparatus). If the verification fails, the operation cannot continue. If the verification passes, the container lock can create a data uplink event eventup, which is encrypted with the private key SKlock corresponding to the new physical code but is not stored in the trusted event storage space. Optionally, the plaintext format of the uplink event may be as shown in Table 1:
| Operation ID | Operation value | Time of operation | Operator |
| --- | --- | --- | --- |
| Query data operation ID | None | Unix timestamp | Public key of the querying operator |

Table 1
The terminal device may obtain the sensor data (sensor event data) of the container lock and the generated uplink event, and then execute step 202.
202. Upload the data uplink event and the sensor data to a blockchain network.
In the embodiments of the application, the sensor data in the container lock can be uploaded to the blockchain network through the terminal device.
In an alternative embodiment, the data uplink event is encrypted with a private key corresponding to a target physical code of the container lock;
prior to step 202, the method further comprises:
acquiring an initialization event of the container lock from the blockchain when the target user passes identity verification by the container lock, wherein the initialization event comprises a target public key ring corresponding to the container lock and the target physical code;
and encrypting the digest of the sensor data using the private key of the target user and the target public key ring to generate a digital signature, and writing the digital signature into the operator field of the data uplink event.
Optionally, the uplink event further includes an uplink operation identifier, an uplink operation value and an uplink operation time;
the uplink operation value includes an accumulator sum of the digests of the individual sensor data items, and the accumulator sum is used in the blockchain network to judge whether the uploaded sensor data is complete.
Optionally, the uplink operation value includes an extraction address and a digest corresponding to the sensor data, provided by the blockchain network.
Specifically, after the authentication is passed, the lock initialization process may be started. The initialization steps are as follows:
The target physical code, i.e. the new physical code of the lock (the public key PKlock of a new RSA key pair), and the target public key ring of the ring signature (Ringpk) are generated at the terminal device, and the ring is compressed to a constant length (Ringc) by the accumulator. The target public key ring of the ring signature consists of the public keys of all participants in the current shipment (PK1…n) and the new physical code of the lock (PKlock). Using the accumulator technique from cryptography, the public key ring can be compressed to a constant length for storage in an Internet of Things device (in the invention, the container lock). The constant public key ring (Ringc), the public key of the operator (pkop, belonging to PK1…n), the new physical code (PKlock) and the private key (SKlock) corresponding to the new physical code are RSA-encrypted with the old physical code (PKlock_old), and the resulting initialization ciphertext m is sent back to the lock.
After receiving the initialization ciphertext m, the lock reads the private key (SKlock_old) corresponding to the old physical code (in the TEE) and decrypts m to obtain the constant public key ring (Ringc), the public key (pkop), the new physical code of the lock (PKlock) and the private key (SKlock) corresponding to the new physical code. The private key SKlock, the public key ring (Ringc) and the new physical code (PKlock) then replace the originally stored old private key SKlock_old, old public key ring and old physical code (PKlock_old).
The initialization event (event0) can be stored in the trusted event storage space after being encrypted with the private key SKlock corresponding to the new physical code. For example, it may include an initialization operation identifier (ID of the initialization operation), the target public key ring (Ringc), the target physical code (PKlock), an initialization operation time (Unix timestamp) and a digital signature of the initialization operator. The plaintext format of the event may be as shown in Table 2:
| Operation ID | Operation value | Time of operation | Operator |
| --- | --- | --- | --- |
| ID of initialization operation | Public key ring (Ringc), new physical code PKlock | Unix timestamp | Operator ring digital signature |

Table 2
Optionally, the initialization event may be transmitted to the terminal device and uploaded to the blockchain through the network for tracing.
When the target user passes identity verification by the container lock, the terminal device may query the blockchain network to obtain the initialization event event0 of the lock, and obtain the public key ring (Ringc) and the physical code PKlock from event0.
The target user encrypts the digest hash of the original sensor data with a linkable ring signature algorithm, using the target user's private key SKop and the public key ring Ringc, generates a digital signature s, and writes it into the operator field of the uplink event eventup. The uplink event and the sensor data are uploaded to the blockchain network through the terminal device (App) of the target user.
In an embodiment of the present application, the blockchain network may invoke a pre-agreed smart contract interface, store the sensor data in a distributed storage network such as IPFS, and compute the accumulator sum of the digests of the data. If the accumulator sum does not match the one in eventup, the data is incomplete and needs to be re-uploaded. If the two are consistent, the distributed storage network returns the extraction address addr and the digest h of the data. addr and h are written into the operation value field (uplink operation value) of eventup, which is packed into a block and put on the chain.
Optionally, the digital signature in the embodiments of the present application need not be a ring signature; it may be replaced by another digital signature scheme, such as an RSA-based algorithm.
203. After the data uplink event and the sensor data have been uploaded, send feedback information to the container lock to notify the container lock to clear the sensor data.
After the data has been successfully put on the chain, the local sensor data of the container lock is cleared to make room for new data.
The container lock data processing method in the embodiment of the application is applied to a terminal device. It obtains sensor data of a container lock and a data uplink event corresponding to the sensor data, where the data uplink event is an event created by the container lock when a target user of the terminal device passes identity verification of the container lock; uploads the data uplink event and the sensor data to a blockchain network; and, after the data uplink event and the sensor data are uploaded, sends feedback information to the container lock to notify the container lock to clear the sensor data. By using the characteristics of the blockchain, the sensor data of the container lock can be uploaded to the blockchain network through the terminal device of an authenticated maritime practitioner and will not be lost if the container lock is damaged. Information security is higher, management and verification are easier, strong clues can be provided for accident investigation or complaint resolution, the timeliness of the process is improved, and the memory of the container lock is also saved to a certain extent.
Referring to fig. 3, an embodiment of the present application further discloses another container lock data processing method. As shown in fig. 3, the method is applied to a container lock and specifically includes:
301. When a target user of the terminal device passes identity authentication, create a data uplink event corresponding to the sensor data of the container lock, so that the data uplink event and the sensor data are uploaded to a blockchain network through the terminal device;
302. Clear the sensor data after the data uplink event and the sensor data are uploaded.
In an alternative embodiment, the data uplink event is encrypted by a private key corresponding to a target physical code of the container lock, and the method further includes:
generating and storing an initialization event in the blockchain network when the target user of the terminal device passes identity authentication, wherein the initialization event comprises a target public key ring corresponding to the container lock and the target physical code, and the target public key ring and the target physical code are to be obtained by the terminal device and used for encrypting the digest of the sensor data.
The above steps have already been described in the embodiment shown in fig. 1, and are not described again here.
Optionally, the method further includes:
upon receiving a data query request from the terminal device, creating a data query event, wherein the data query event is encrypted by a private key corresponding to the target physical code and is used for triggering the blockchain network to provide the terminal device with an event corresponding to the target physical code of the container lock.
If an accident occurs during maritime transport, so that an accident investigation has to be carried out or a report has to be extracted from the shipping data, the blockchain data needs to be traced. The specific operation is as follows:
The identity of the target user currently associated with the container lock is authenticated at the terminal device APP, which can specifically be performed through patent CN112307445B (a blockchain-based identity management method and apparatus, hereinafter referred to as the identity management apparatus). If the verification fails, the operation cannot be continued. If the verification is passed, the container lock may create a data query event eventq. The data query event eventq may be encrypted by the private key SKlock corresponding to the new physical code (target physical code), but may not be stored in the trusted event storage space. The specific event plaintext format may be as shown in Table 3 below:
| Operation ID | Operation value | Time of operation | Operator |
|---|---|---|---|
| Query data operation ID | None | Unix timestamp | Querying operator's public key |
TABLE 3
The blockchain network may return all events (including sensor events) related to the target physical code PKlock. From these events the user can quickly analyze the event, location and persons involved in the accident, for example when and on which leg of the voyage the container lock was broken, or that cold-chain food may have spoiled because the temperature was too high.
The cryptographic library used in the embodiment of the present application is Mbed TLS, provided in Mbed OS. Mbed TLS is written in C and is optimized for space and computation on IoT devices with the ARM Cortex-M architecture. Mbed TLS itself provides basic encryption and digest algorithms such as RSA, AES and SHA256. In the embodiment of the application, a linkable ring signature algorithm based on an accumulator is provided.
In consideration of the environment in which the shipping container lock operates (such as the numerous participating roles on the blockchain), the embodiment of the application adopts a ring signature mechanism to protect the identity privacy of participants. Within a maritime alliance made up of multiple participants (shipping companies, trailer companies and the like), there is competition as well as cooperation, and in some scenarios protecting the identity of a user is essential. The traditional ring signature mechanism has no third party (a party not belonging to the public key ring) capable of opening the signature. To prevent a signer from being framed and to make responsibility traceable, a scheme that provides linkability for accountability and resistance to slander is needed; that is, for two ring signatures generated with the same public key ring, it can be determined whether they come from the same signer. After an accident occurs and analysis shows which event caused it, the suspected operator can be made to generate a ring digital signature for that event again. If this ring signature is consistent with the ring signature in the event record, the attribution of responsibility is correct; if it is not consistent, the attribution is incorrect.
The number of participants in maritime transport is another consideration. In general, the size of the public key ring is proportional to the number of participants. Since the lock's TEE space is limited, an accumulator is needed to compress the public key ring to a constant size.
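The signing step that fills the operator field of eventup and the re-signing check used to assign responsibility, shown as an added example rather than code from the patent. It substitutes the published LSAG linkable ring signature (Liu, Wei, Wong) over a toy-sized prime-order group for the application's accumulator-based scheme, so the signature here grows with the ring; the keys, the sample sensor record and all function names are constructed for illustration.

```python
import hashlib
import secrets

# Deterministic Miller-Rabin: these bases give an exact answer for n < 3.3e24.
_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_prime(n):
    if n < 2 or any(n % b == 0 for b in _BASES):
        return n in _BASES
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def find_group(q=(1 << 63) + 1):
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q

P, Q = find_group()   # assumption: toy-sized safe prime P = 2Q + 1, demo only
G = 4                 # a square other than 1, so it generates the order-Q subgroup

def _h(*parts):
    m = hashlib.sha256()
    for part in parts:
        b = part if isinstance(part, bytes) else str(part).encode()
        m.update(len(b).to_bytes(4, "big") + b)   # length prefix avoids ambiguity
    return int.from_bytes(m.digest(), "big")

def _challenge(ring, tag, msg, a, b):
    return _h(b"chal", len(ring), *ring, tag, msg, a, b) % Q

def h_point(ring):
    t = _h(b"point", len(ring), *ring) % (P - 3) + 2   # t in [2, P-2]
    return t * t % P                                   # squaring maps into the subgroup

def sign(msg, ring, idx, sk):
    n, h = len(ring), h_point(ring)
    tag = pow(h, sk, P)              # link tag: fixed by the signer's key and the ring
    c, s = [0] * n, [0] * n
    u = secrets.randbelow(Q - 1) + 1
    i = (idx + 1) % n
    c[i] = _challenge(ring, tag, msg, pow(G, u, P), pow(h, u, P))
    while i != idx:                  # simulate every other ring member
        s[i] = secrets.randbelow(Q - 1) + 1
        a = pow(G, s[i], P) * pow(ring[i], c[i], P) % P
        b = pow(h, s[i], P) * pow(tag, c[i], P) % P
        i = (i + 1) % n
        c[i] = _challenge(ring, tag, msg, a, b)
    s[idx] = (u - sk * c[idx]) % Q   # close the ring with the real private key
    return c[0], s, tag

def verify(msg, ring, sig):
    c0, s, tag = sig
    if len(s) != len(ring) or not 1 < tag < P or pow(tag, Q, P) != 1:
        return False                 # reject tags outside the order-Q subgroup
    h, c = h_point(ring), c0
    for y, si in zip(ring, s):
        a = pow(G, si, P) * pow(y, c, P) % P
        b = pow(h, si, P) * pow(tag, c, P) % P
        c = _challenge(ring, tag, msg, a, b)
    return c == c0

def linked(sig_a, sig_b):
    return sig_a[2] == sig_b[2]      # same ring and same tag: same signer

def accountability_demo():
    keys = [secrets.randbelow(Q - 1) + 1 for _ in range(4)]   # constructed operators
    ring = tuple(pow(G, sk, P) for sk in keys)                # plays the role of Ringc
    digest = hashlib.sha256(b"t=1635465600;temp=4.1C;door=closed").hexdigest()
    recorded = sign(digest, ring, 2, keys[2])    # stored in eventup's operator field
    resign_same = sign(digest, ring, 2, keys[2])     # suspect who did sign the event
    resign_other = sign(digest, ring, 0, keys[0])    # ring member who did not
    return {
        "valid": verify(digest, ring, recorded),
        "tampered": verify(digest + "x", ring, recorded),
        "suspect_is_signer": verify(digest, ring, resign_same) and linked(recorded, resign_same),
        "bystander_is_signer": verify(digest, ring, resign_other) and linked(recorded, resign_other),
    }
```

A re-signature should count only after it verifies against the same ring; comparing tags on an unverified signature would let anyone copy the tag from the recorded event.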
At present, in the maritime transport industry, traditional container locks (lead seals) are the mainstream means of ensuring container integrity. Each lead seal carries a seal number, which is recorded and documented by a supervisor when the container is sealed. By design, a lead seal can only be locked and cannot be unlocked; it can only be removed by breaking it with external force. Except at the final recipient's sign-off step, if the lead seal is missing or broken the container may be regarded as no longer intact, and any recipient is entitled to reject it.
In the embodiment of the application, the container lock that interacts with the blockchain (chain lock) compresses and encrypts the public keys of the participants related to the container (such as the sender, receiver, shipper and inspector) together with its own hardware code, through ring signature and accumulator encryption techniques, to generate a signature ring of fixed length. At each checkpoint (including fixed checkpoints and timed checkpoints), the identity verification result and information related to the container (such as location and the temperature and humidity inside the container), including sensor data, are uploaded to the blockchain. All maritime participants can query the location of the container, the current carrier and the integrity of the container in real time through the blockchain. To ensure the integrity of the container, the hardware code itself changes each time the chain lock is opened or broken.
Based on the description of the container lock data processing method embodiment, the embodiment of the application also discloses a terminal device. Referring to fig. 4, the terminal device 400 includes:
an obtaining module 410, configured to obtain sensor data of a container lock and a data uplink event corresponding to the sensor data, where the data uplink event is an event created by the container lock when a target user of the terminal device passes identity verification of the container lock;
an upload module 420 configured to upload the data uplink event and the sensor data to a blockchain network;
a transmission module 430, configured to send feedback information to the container lock after the data uplink event and the sensor data are uploaded, so as to notify the container lock to clear the sensor data.
According to an embodiment of the present application, each step involved in the method shown in fig. 2 may be performed by each module in the terminal device 400 shown in fig. 3, and is not described herein again.
The terminal device 400 in this embodiment of the application may obtain sensor data of a container lock and a data uplink event corresponding to the sensor data, where the data uplink event is an event created by the container lock when a target user of the terminal device passes identity verification of the container lock; upload the data uplink event and the sensor data to a blockchain network; and, after the data uplink event and the sensor data are uploaded, send feedback information to the container lock to notify the container lock to clear the sensor data. By using the characteristics of the blockchain, the sensor data of the container lock can be uploaded to the blockchain network through the terminal device of an authenticated maritime practitioner and will not be lost if the container lock is damaged. Information security is higher, management and verification are easier, strong clues can be provided for accident investigation or complaint resolution, the timeliness of the process is improved, and the memory of the container lock is also saved to a certain extent.
Based on the description of the above container lock data processing method embodiment, an embodiment of the present application further provides a container lock, as shown in fig. 5, the container lock 500 includes:
a data uplink module 510, configured to create a data uplink event corresponding to the sensor data of the container lock when a target user of a terminal device passes identity verification, so as to upload the data uplink event and the sensor data to a blockchain network through the terminal device;
a clearing module 520, configured to clear the sensor data after the data uplink event and the sensor data are uploaded.
According to an embodiment of the present application, each step involved in the method shown in fig. 3 and any step performed by the container lock in fig. 2 may be performed by each module in the container lock 500 shown in fig. 5, and will not be described herein again.
Based on the description of the above container lock data processing method embodiment, the embodiment of the present application further discloses a container lock, which may include a memory and a processor, where the memory stores a computer program. Wherein, each component unit in the container lock can be connected through a bus or other modes.
A computer storage medium may be stored in the memory of the container lock, the computer storage medium being configured to store a computer program comprising program instructions, the processor being configured to execute the program instructions stored by the computer storage medium. The processor (or CPU) is a computing core and a control core of the container lock, and is adapted to implement one or more instructions, and in particular, is adapted to load and execute the one or more instructions so as to implement a corresponding method flow or a corresponding function; in an embodiment, the processor described above in this embodiment of the present application may be configured to perform a series of processes, including the steps involved in the method shown in fig. 3 and the steps performed by the container lock in fig. 2, which are not described herein again.
The embodiment of the present application further provides a computer storage medium (Memory), which is a Memory device in an electronic device (container lock or terminal device) and is used for storing programs and data. It is understood that the computer storage medium herein may include both a built-in storage medium in the electronic device and, of course, an extended storage medium supported by the electronic device. Computer storage media provide storage space that stores an operating system for an electronic device. Also stored in the memory space are one or more instructions, which may be one or more computer programs (including program code), suitable for loading and execution by the processor. The computer storage medium may be a high-speed RAM memory, or may be a non-volatile memory (non-volatile memory), such as at least one disk memory; and optionally at least one computer storage medium located remotely from the processor.
In one embodiment, one or more instructions stored in a computer storage medium may be loaded and executed by a processor to perform the corresponding steps in the above embodiments; in a specific implementation, one or more instructions in the computer storage medium may be loaded by the processor and perform the steps involved in the method shown in fig. 2 or fig. 3, which are not described herein again.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described apparatuses and modules may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the division of the module is only one logical division, and other divisions may be possible in actual implementation, for example, a plurality of modules or components may be combined or integrated into another system, or some features may be omitted, or not performed. The shown or discussed mutual coupling, direct coupling or communication connection may be an indirect coupling or communication connection of devices or modules through some interfaces, and may be in an electrical, mechanical or other form.
Modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical modules, may be located in one place, or may be distributed on a plurality of network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. The procedures or functions according to the embodiments of the present application are wholly or partially generated when the computer program instructions are loaded and executed on a computer. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored on or transmitted over a computer-readable storage medium. The computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wire (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)), or wirelessly (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that includes one or more of the available media. The usable medium may be a read-only memory (ROM), or a Random Access Memory (RAM), or a magnetic medium, such as a floppy disk, a hard disk, a magnetic tape, a magnetic disk, or an optical medium, such as a Digital Versatile Disk (DVD), or a semiconductor medium, such as a Solid State Disk (SSD).

Claims (9)

1. A container lock data processing method is applied to terminal equipment, and comprises the following steps:
acquiring sensor data of a container lock and a data uplink event corresponding to the sensor data, wherein the data uplink event is an event created by the container lock under the condition that a target user of the terminal equipment passes identity verification of the container lock, and the data uplink event is encrypted by a private key corresponding to a target physical code of the container lock;
acquiring an initialization event of the container lock from a block chain under the condition that the target user passes the identity verification of the container lock, wherein the initialization event comprises a target public key ring corresponding to the container lock and the target physical code;
encrypting the digest of the sensor data by using the private key of the target user and the target public key ring, generating a digital signature, and writing the digital signature into an operator field of the data uplink event;
uploading the data uplink event and the sensor data to a blockchain network;
and after the data uplink event and the sensor data are uploaded, sending feedback information to the container lock to notify the container lock to clear the sensor data.
2. The container lock data processing method according to claim 1, wherein the data uplink event further includes an uplink operation identifier, an uplink operation value, and an uplink operation time;
the uplink operation value comprises an accumulator sum of the summary of each piece of sensor data, and the accumulator sum is used for judging whether the uploaded sensor data is complete or not by the blockchain network.
3. The container lock data processing method according to claim 2, wherein the uplink operation value includes an extracted address and a digest corresponding to the sensor data provided by a blockchain network.
4. A container lock data processing method is applied to a container lock, and comprises the following steps:
generating and storing an initialization event in a blockchain network under the condition that a target user of a terminal device passes identity authentication, wherein the initialization event comprises a target public key ring and a target physical code corresponding to the container lock, and the target public key ring and the target physical code are used for being acquired by the terminal device and used for encrypting the digest of the sensor data;
under the condition that a target user of a terminal device passes identity verification, creating a data uplink event corresponding to sensor data of the container lock, so that the data uplink event and the sensor data are uploaded to a block chain network through the terminal device, wherein the data uplink event is encrypted through a private key corresponding to a target physical code of the container lock;
and clearing the sensor data after the data uplink event and the sensor data are uploaded.
5. The container lock data processing method according to claim 4, further comprising:
and under the condition that a data query request of the terminal equipment is received, creating a data query event, wherein the data query event is encrypted by a private key corresponding to the target physical code, and the data query event is used for triggering a block chain network to provide an event corresponding to the target physical code of the container lock for the terminal equipment.
6. A terminal device, comprising:
an obtaining module, configured to obtain sensor data of a container lock and a data uplink event corresponding to the sensor data, wherein the data uplink event is an event created by the container lock under the condition that a target user of the terminal device passes identity verification of the container lock, and the data uplink event is encrypted by a private key corresponding to a target physical code of the container lock;
the obtaining module is further configured to obtain an initialization event of the container lock from a block chain under the condition that the target user passes the identity authentication of the container lock, where the initialization event includes a target public key ring and the target physical code corresponding to the container lock;
a generation module, configured to encrypt the digest of the sensor data using a private key of the target user and the target public key ring, generate a digital signature, and write the digital signature into an operator field of the data uplink event;
an upload module for uploading the data uplink event and the sensor data to a blockchain network;
and a transmission module, configured to send feedback information to the container lock after the data uplink event and the sensor data are uploaded, so as to notify the container lock to clear the sensor data.
7. A terminal device, characterized in that it comprises a memory and a processor, said memory storing a computer program which, when executed by said processor, causes said processor to carry out the steps of the container lock data processing method according to any one of claims 1-3.
8. A container lock, characterized in that it comprises a memory and a processor, said memory storing a computer program which, when executed by said processor, causes said processor to carry out the steps of the container lock data processing method according to claim 4 or 5.
9. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, causes the processor to carry out the steps of the container lock data processing method according to any one of claims 1 to 5.
CN202111267301.7A 2021-10-29 2021-10-29 Container lock data processing method, related equipment and storage medium Active CN113708940B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111267301.7A CN113708940B (en) 2021-10-29 2021-10-29 Container lock data processing method, related equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111267301.7A CN113708940B (en) 2021-10-29 2021-10-29 Container lock data processing method, related equipment and storage medium

Publications (2)

Publication Number Publication Date
CN113708940A CN113708940A (en) 2021-11-26
CN113708940B true CN113708940B (en) 2022-02-08

Family

ID=78647498

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111267301.7A Active CN113708940B (en) 2021-10-29 2021-10-29 Container lock data processing method, related equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113708940B (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant